remote attacker eavesdropping traffic   .= Good
| remote attacker eavesdropping wireless credentials   .= So-so
| | Any attacker defeating data encryption   .= Bad
| | | local attacker eavesdropping traffic   .= I don't know yet
| | | | remote attacker usurps network access
| | | | | Accountability for abuses
| | | | | | Rogue AP fishes for network credentials
| | | | | | | server platform acceptance
| | | | | | | | client platform acceptance
| | | | | | | | | server ease of implementation
| | | | | | | | | | client ease of implementation
| | | | | | | | | | | server ease of maintenance
| | | | | | | | | | | | client ease of maintenance
| | | | | | | | | | | | | Industry confidence against future threats
| | | | | | | | | | | | | |
  clear                             \
WEP .-1key                              |
WPA .-1key                              |
WPA2 .-1key                              }--- Link Layer
WPA .+Radius                              |
WPA2 .+Radius                             /
  IPSEC                             \
  VPN                              |
  PPPOE                              }--- Higher Layer
  PPTP                              |
NoCat .-SSL                              |
NoCat .+SSL                             /
A B C D E F G J K L M N O P
Security Convenience